How to remove WindowsKernelExplorer.sys

» File
File Details
Overview
Analysis

WindowsKernelExplorer.sys

The module WindowsKernelExplorer.sys has been detected as Worm.Boychi

WindowsKernelExplorer.sys

Remove WindowsKernelExplore

File Details

Main Info:

Product Name:	Windows Kernel Explorer
Company Name:	Axt Mueller
MD5:	0d91b7f4747a1b231f18c0f3c135fb17
Size:	3 MB
First Published:	2019-07-24 09:04:12 (5 years ago)
Latest Published:	2019-07-24 09:09:49 (5 years ago)

Analysis:

Status:	Worm.Boychi (on last analysis)
Analysis Date:	2019-07-24 09:09:49 (5 years ago)

Overview

Digital Signature

Signed By:	HT Srl
Status:	Valid

Common Places:

%sysdrive%\windows.old\users\pc\appdata\local

%desktop%\windows-kernel-explorer-master\binaries

Geography:

100.0%

OS Version:

Windows 10

100.0%

Analysis

PE Info:

Subsystem:	Native
PE Type:	pe
OS Bitness:	64
Image Base:	0x0000000000010000
Entry Address:	0x001bd3a8

PE Sections:

Name	Size of data	MD5
.text	353792	dbc89b953816179ae9007c1de7b859fe
.rdata	11264	32250e896ddc68f9283072781d407cd4
.data	14336	b77b5200a1533bbda5aee2b5b4467533
.pdata	11264	2bf67864f5f3b61a4d8663c5ede6db84
INIT	6144	745d12e4af04c3b19581d524fb9ea27e
.vmp0	1354752	9b12343675f5345d5c7b38146bfe8b0a
.vmp1	1779200	09f2edb64e964ccc7fee1f878646a9ae
.reloc	3072	80e2ad846fad616866cbc3566a5aabdf
.rsrc	1024	9de11018634a4f31723cf8495c47c7f2

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for WindowsKernelExplorer.sys

copyright for information about WindowsKernelExplorer.sys